FALSE ALARM!!
The issue was not with WPD, but rather the caching plugin serving 3 day old content from when I first set up the site.
Be careful when using cache and setting up/updating your website!
During the process of troubleshooting and verifying how WPD works, I discovered a critical security issue.
I have informed the authors of the exact nature of the issue. I won’t publicize the problem unless they decide not to fix it.
I will tell you one way to prevent your site from being hacked or being attacked by bots. You should get a security plugin and change the login method to email address only, NOT the user name.
Let’s be clear: you should not be logging into your website using the user name because it’s not secure (well, it’s secure for you, but will leave your site vulnerable).